package filter;

import pojo.User;

import javax.servlet.*;
import javax.servlet.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

@WebFilter(filterName = "LoginFilter",urlPatterns = "/*")
//过滤器初始化
public class LoginFilter implements Filter {
   //销毁过滤器
    public void init(FilterConfig config) throws ServletException {

    }


    public void destroy() {
    }

    //执行过滤
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws ServletException, IOException {
        //chain.doFilter(request, response);
        //检查一下用户是登录，如果已登录，就放行；如果没有登录就拦截，让他去登录
        //将request和response进行类型转换
        HttpServletRequest req = (HttpServletRequest)request;
        HttpServletResponse resp = (HttpServletResponse) response;
        //处理特殊情况，登录 注册 静态文件都不能扔拦截
        String [] urls = {"/login.jsp","/register.jsp",
                "/css","/images","/js","/login","/user","/verifyCode"};
        //获取当前访问的URi
        String uri = req.getRequestURI();
        for (String u : urls) {
            if (uri.contains(u)){
                chain.doFilter(req,resp);
                return;
            }
        }
        //检查session中是否存放了LOGIN_USER
        HttpSession session = req.getSession();
        User user = (User) session.getAttribute("LOGIN_USER");
        if (user!=null){
            //已经登陆
            chain.doFilter(req,resp);
        }else{
            //如果没有登录就拦截，让他去登录
            request.setAttribute("LOGIN_MSG","您尚未登陆，请先登录");
            request.getRequestDispatcher("/login.jsp").forward(request,response);
            return;

        }
    }
}
